[原创]FtpUpFilev1.0
文章标题:[原创]FtpUpFilev1.0顶部 asm 发布于:2007-04-2304:49 [楼主][原创]FtpUpFilev1.0
文章作者:asm
信息来源:邪恶八进制信息安全团队
这个东西很适合用来上传ip.txt类的木马连接文件。呵呵,大家想用就用吧。其中有个类我采用了EST的一位会员husheng34的,在此感谢。
编程环境:Asm/C混合编程
系统环境:XP+SP2
ASM:
;******************************************************
;程序编写byAsm
;日期:2007-4-23日凌晨
;出处:[url]www.wolfexp/[/url](红狼安全小组)
;注意事项:如欲转载,请保持本程序的完整,并注明:
;转载自红狼安全小组([url]www.wolfexp/[/url])
;******************************************************
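; Target: 32-bit x86, MASM syntax, flat memory model, stdcall as the default
; calling convention. Symbol names are case-sensitive.
.386
.model flat, stdcall
option casemap:none
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include     windows.inc
include     user32.inc
include     kernel32.inc
include     comdlg32.inc
include     wsock32.inc
include     Ws2_32.inc
includelib  user32.lib
includelib  kernel32.lib
includelib  comdlg32.lib
includelib  wsock32.lib
includelib  Ws2_32.lib
includelib  mylib.lib                   ; presumably the compiled C/C++ part that defines MyFunc1 - confirm
include     macros.inc                  ; presumably supplies the CTXT() string macro used below - confirm

; C function declaration: MyFunc1 uses the C (cdecl) convention, so `invoke`
; removes the five pointer arguments from the stack after the call.
MyFunc1     proto c :dword, :dword, :dword, :dword, :dword
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include     data.asm                    ; data definitions (hWinMain, szServer, szFilePath, ...) are not shown here
.code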
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
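;--------------------------------------------------------------------
; _OpenFile
; Shows the common "Open File" dialog, owned by the main dialog window.
; ABI:   stdcall, no arguments
; In:    globals hWinMain, szFilter, szFilePath, szMessageTitle
; Out:   eax = result of GetOpenFileName (nonzero when a file was chosen);
;        the chosen path is written to szFilePath (at most MAX_PATH chars)
;--------------------------------------------------------------------
_OpenFile proc
        local   @stOF:OPENFILENAME

        ; Start from an all-zero structure so every field not set below is NULL/0.
        invoke  RtlZeroMemory, addr @stOF, sizeof @stOF
        mov     @stOF.lStructSize, sizeof @stOF
        push    hWinMain
        pop     @stOF.hwndOwner
        mov     @stOF.lpstrFilter, offset szFilter
        mov     @stOF.lpstrFile, offset szFilePath
        mov     @stOF.nMaxFile, MAX_PATH        ; NOTE(review): szFilePath must hold MAX_PATH chars - confirm in data.asm
        mov     @stOF.Flags, OFN_FILEMUSTEXIST or OFN_PATHMUSTEXIST
        ; NOTE(review): the default extension points at the message-title string,
        ; which looks unintended; kept as in the original - confirm.
        mov     @stOF.lpstrDefExt, offset szMessageTitle
        invoke  GetOpenFileName, addr @stOF
        ret
_OpenFile endp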
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
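;--------------------------------------------------------------------
; _FtpUpFile
; Thread start routine (passed to CreateThread by _MainDialogProc): uploads
; szFilePath to szServer through the C function MyFunc1 and reports the result.
; ABI:   stdcall, one DWORD argument, as CreateThread calls its start routine
;        with lpParameter on the stack. Declaring it lets `ret` pop that argument.
; In:    lpParam (unused); globals szServer, szFilePath, szNameONServer,
;        szUr, szPass
; Out:   eax = 0 (thread exit code)
; Note:  the MyFunc1 listing published with this code returns 0 on every
;        path; any nonzero value is treated here as a failed upload so that an
;        implementation which reports errors is not announced as a success.
;--------------------------------------------------------------------
_FtpUpFile proc lpParam:DWORD
        invoke  MyFunc1, addr szServer, addr szFilePath, addr szNameONServer, addr szUr, addr szPass
        .if eax == 0
            invoke  MessageBox, 0, CTXT("文件上传成功!"), CTXT("傻冒"), MB_ICONINFORMATION
        .else
            invoke  MessageBox, 0, CTXT("文件上传失败!"), CTXT("傻冒"), MB_ICONERROR
        .endif
        xor     eax, eax
        ret
_FtpUpFile endp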
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
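;--------------------------------------------------------------------
; _MainDialogProc
; Dialog procedure of the main window (DLG_MAIN).
; ABI:   stdcall; ebx/edi/esi preserved through `uses`
; In:    hWnd, wMsg, wParam, lParam as delivered by the dialog manager
; Out:   eax = TRUE when the message was handled, FALSE otherwise
; Handles:
;   WM_CLOSE       - ends the dialog
;   WM_INITDIALOG  - remembers the window handle and pre-fills the fields
;   WM_COMMAND     - IDC_Open (pick a file), IDC_UpFile (path field changed),
;                    IDOK (start the upload thread), IDC_Out (exit)
;--------------------------------------------------------------------
_MainDialogProc proc uses ebx edi esi hWnd, wMsg, wParam, lParam
        mov     eax, wMsg
        .if eax == WM_CLOSE
            invoke  EndDialog, hWinMain, NULL
;********************************************************************
        .elseif eax == WM_INITDIALOG
            mov     eax, hWnd
            mov     hWinMain, eax
            ; Default values shown in the dialog; the user is expected to replace them.
            invoke  SetDlgItemText, hWnd, IDC_Server, CTXT("www.hackok")
            invoke  SetDlgItemText, hWnd, IDC_Ur, CTXT("asm")
            invoke  SetDlgItemText, hWnd, IDC_Pass, CTXT("password")
            invoke  SetDlgItemText, hWnd, IDC_FileNameOnServer, CTXT("asm.rar")
;********************************************************************
        .elseif eax == WM_COMMAND
            mov     eax, wParam
            movzx   eax, ax                     ; low word of wParam = control id
            .if eax == IDC_Open
                call    _OpenFile
                .if eax != 0                    ; only update the field when a file was actually chosen
                    invoke  SetDlgItemText, hWnd, IDC_UpFile, addr szFilePath
                .endif
            .elseif eax == IDC_UpFile
                ; Enable the OK button only while the path field is non-empty:
                ; GetDlgItemText returns the text length, which is used as the BOOL.
                invoke  GetDlgItemText, hWnd, IDC_UpFile, addr szFilePath, sizeof szFilePath
                mov     ebx, eax
                invoke  GetDlgItem, hWnd, IDOK
                invoke  EnableWindow, eax, ebx
            .elseif eax == IDOK
                ; Copy the form into the global buffers read by the upload thread.
                ; MyFunc1 sends the user name and password over plain FTP (port 21),
                ; so they cross the network unencrypted.
                invoke  GetDlgItemText, hWnd, IDC_Server, addr szServer, sizeof szServer
                invoke  GetDlgItemText, hWnd, IDC_Ur, addr szUr, sizeof szUr
                invoke  GetDlgItemText, hWnd, IDC_Pass, addr szPass, sizeof szPass
                invoke  GetDlgItemText, hWnd, IDC_FileNameOnServer, addr szNameONServer, sizeof szNameONServer
                ; NOTE(review): a second click while an upload is running overwrites
                ; the buffers the first thread is still reading.
                ; The last argument is lpThreadId, so hThread receives the thread id;
                ; the handle itself comes back in eax.
                invoke  CreateThread, NULL, 0, offset _FtpUpFile, NULL, \
                        NULL, addr hThread
                .if eax != NULL
                    invoke  CloseHandle, eax    ; the handle is never waited on; close it so it does not leak
                .endif
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
            .elseif eax == IDC_Out
                invoke  ExitProcess, eax
            .endif
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
        .else
            mov     eax, FALSE
            ret
        .endif
        mov     eax, TRUE
        ret
_MainDialogProc endp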
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
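; Program entry point: run the main dialog modally, then exit with code 0.
start:
        invoke  GetModuleHandle, NULL
        mov     hInstance, eax
        invoke  DialogBoxParam, hInstance, DLG_MAIN, NULL, offset _MainDialogProc, NULL
        invoke  ExitProcess, NULL
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
        end     start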
C:
/*
程序编写byAsm
日期:2007-4-23日凌晨
出处:[url]www.wolfexp/[/url](红狼安全小组)
注意事项:如欲转载,请保持本程序的完整,并注明:
转载自红狼安全小组([url]www.wolfexp/[/url])
*/
#include"winsock.h"
#include"windows.h"
#include"stdio.h"
#include"string"
#include"vector"
#include"algorithm"
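using namespace std;

// Exported with C linkage so the MASM side can declare it as `MyFunc1 proto c`.
extern "C" int MyFunc1(char *hostname, char *FilePath, char *NameONServer, char *lpur, char *lppass);

// Last reply read from the FTP control connection; filled by recvbuff().
char Buff[1024];

// FTP control-connection socket. Despite the name it never listens; it is
// only connect()ed. INVALID_SOCKET is the Winsock "no socket" sentinel.
SOCKET listenFD = INVALID_SOCKET;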
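// Reads one chunk of the server's reply from the control socket into Buff and
// shows it in a message box.
//
// At most sizeof(Buff) - 1 bytes are read, so the zeroed final byte always
// terminates the string. The original read a full 1024 bytes, which could
// leave Buff without a terminator for MessageBox and for callers that treat
// it as a C string.
//
// Returns 0 in every case, as before. Callers can tell that nothing arrived
// because Buff is then an empty string.
// Limitation: a reply split across several TCP segments, or a multi-line
// reply, may be only partly read by this single recv().
int recvbuff()
{
    ZeroMemory(Buff, sizeof(Buff));
    int received = recv(listenFD, Buff, (int)sizeof(Buff) - 1, 0);
    if (received <= 0)
    {
        // error or connection closed: make sure callers see an empty reply
        Buff[0] = '\0';
    }
    MessageBox(0, Buff, "服务器返回信息", MB_ICONINFORMATION);
    return 0;
}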
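static const u_short FTP_CONTROL_PORT       = 21;
static const int     CONNECT_ATTEMPTS       = 3;
static const DWORD   CONNECT_RETRY_DELAY_MS = 500;

// True when Buff holds a reply that is neither empty nor a 4xx/5xx FTP error.
static bool ReplyOk()
{
    return Buff[0] != '\0' && Buff[0] != '4' && Buff[0] != '5';
}

// Sends exactly len bytes on s, resuming after partial sends.
static bool SendAll(SOCKET s, const char *data, int len)
{
    while (len > 0)
    {
        int sent = send(s, data, len, 0);
        if (sent == SOCKET_ERROR || sent == 0)
            return false;
        data += sent;
        len  -= sent;
    }
    return true;
}

// Sends "<verb> <arg>\r\n" (or "<verb>\r\n" when arg is NULL) on the control
// socket, reads one reply through recvbuff() and reports whether it was
// accepted. An argument containing CR or LF is refused so that one field
// cannot carry a second FTP command.
static bool FtpCommand(const char *verb, const char *arg)
{
    std::string cmd = verb;
    if (arg != NULL)
    {
        std::string value = arg;
        if (value.find_first_of("\r\n") != std::string::npos)
            return false;
        cmd += " ";
        cmd += value;
    }
    cmd += "\r\n";
    // Send only the command text, not a fixed-size buffer with stack leftovers.
    if (!SendAll(listenFD, cmd.c_str(), (int)cmd.size()))
        return false;
    recvbuff();
    return ReplyOk();
}

// Tries connect() a bounded number of times instead of spinning forever.
static bool ConnectWithRetry(SOCKET s, const struct sockaddr_in *addr)
{
    for (int attempt = 0; attempt < CONNECT_ATTEMPTS; ++attempt)
    {
        if (connect(s, (const struct sockaddr *)addr, sizeof(*addr)) != SOCKET_ERROR)
            return true;
        Sleep(CONNECT_RETRY_DELAY_MS);
    }
    return false;
}

// Extracts the data port from a "227 ... (h1,h2,h3,h4,p1,p2)" reply in Buff.
// All six fields must be present and in 0..255.
static bool ParsePasvPort(u_short *port)
{
    // Bounded scan: do not rely on Buff being NUL-terminated.
    size_t len = 0;
    while (len < sizeof(Buff) && Buff[len] != '\0')
        ++len;
    std::string reply(Buff, len);

    std::string::size_type open = reply.find('(');
    if (open == std::string::npos)
        return false;

    unsigned int f[6];
    if (sscanf(reply.c_str() + open, "(%u,%u,%u,%u,%u,%u",
               &f[0], &f[1], &f[2], &f[3], &f[4], &f[5]) != 6)
        return false;
    for (int i = 0; i < 6; ++i)
    {
        if (f[i] > 255)
            return false;
    }
    *port = (u_short)(f[4] * 256 + f[5]);
    return *port != 0;
}

// Streams the whole file to the data socket in 1 KB chunks.
static bool SendFile(SOCKET dataSock, FILE *fp)
{
    char chunk[1024];
    size_t got;
    while ((got = fread(chunk, 1, sizeof(chunk), fp)) > 0)
    {
        if (!SendAll(dataSock, chunk, (int)got))
            return false;
    }
    return ferror(fp) == 0;
}

// Uploads one local file to an FTP server in passive, binary mode.
//
//   hostname      server name or dotted address (control port 21)
//   FilePath      local file to read
//   NameONServer  name to store the file under (STOR argument)
//   lpur, lppass  FTP user name and password
//
// Returns 0 when the server accepted the transfer, -1 on any failure. The
// original returned 0 unconditionally, so callers that ignore the result
// behave as before.
//
// Security notes:
//  * Plain FTP: the user name, password and file content cross the network
//    unencrypted.
//  * The data connection goes to the same address as the control connection
//    and takes only the port from the PASV reply. A server-supplied address
//    would let the server point this client at an arbitrary host.
//
// Fixed relative to the original: unchecked gethostbyname()/fopen()/socket()
// results, endless connect() retry loops, sending sizeof(buffer) bytes of
// mostly uninitialised stack instead of the command text, 156-byte command
// buffers that a long field could overflow, a PASV parser that searched from
// the wrong offsets, a send loop that grew its counter on SOCKET_ERROR and
// resent the start of the buffer after a partial send, and the missing
// fclose()/closesocket()/WSACleanup().
//
// Optional step kept from the original's commented-out code: issue
// FtpCommand("MKD", dir) and/or FtpCommand("CWD", dir) before STOR to upload
// into another directory.
int MyFunc1(char *hostname, char *FilePath, char *NameONServer, char *lpur, char *lppass)
{
    if (hostname == NULL || FilePath == NULL || NameONServer == NULL ||
        lpur == NULL || lppass == NULL)
        return -1;

    WSADATA wsadata;
    if (WSAStartup(MAKEWORD(2, 2), &wsadata) != 0)     // initialise Winsock
        return -1;

    int    result   = -1;
    SOCKET dataSock = INVALID_SOCKET;
    FILE  *fp       = NULL;
    listenFD = INVALID_SOCKET;

    do
    {
        // Open the file first so a bad path fails before any credentials are sent.
        fp = fopen(FilePath, "rb");
        if (fp == NULL)
            break;

        struct hostent *host = gethostbyname(hostname);
        if (host == NULL || host->h_addrtype != AF_INET || host->h_addr_list[0] == NULL)
            break;

        struct sockaddr_in ctrlAddr;
        ZeroMemory(&ctrlAddr, sizeof(ctrlAddr));
        ctrlAddr.sin_family = AF_INET;
        ctrlAddr.sin_addr   = *((struct in_addr *)host->h_addr_list[0]);
        ctrlAddr.sin_port   = htons(FTP_CONTROL_PORT);

        listenFD = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        if (listenFD == INVALID_SOCKET)
            break;
        if (!ConnectWithRetry(listenFD, &ctrlAddr))
            break;

        recvbuff();                                     // server banner
        if (!ReplyOk())
            break;

        if (!FtpCommand("USER", lpur))
            break;
        if (!FtpCommand("PASS", lppass))
            break;
        if (!FtpCommand("TYPE I", NULL))                // binary transfer type
            break;
        if (!FtpCommand("PASV", NULL))                  // ask the server to wait for our data connection
            break;

        u_short dataPort;
        if (!ParsePasvPort(&dataPort))
            break;

        // Same host as the control connection; only the port comes from the reply.
        struct sockaddr_in dataAddr = ctrlAddr;
        dataAddr.sin_port = htons(dataPort);

        dataSock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        if (dataSock == INVALID_SOCKET)
            break;
        if (!ConnectWithRetry(dataSock, &dataAddr))
            break;

        if (!FtpCommand("STOR", NameONServer))          // start the upload
            break;
        if (!SendFile(dataSock, fp))
            break;

        // Closing the data connection marks end-of-file for the server;
        // its final reply then says whether the transfer was stored.
        closesocket(dataSock);
        dataSock = INVALID_SOCKET;
        recvbuff();
        if (!ReplyOk())
            break;

        result = 0;
    } while (0);

    if (fp != NULL)
        fclose(fp);
    if (dataSock != INVALID_SOCKET)
        closesocket(dataSock);
    if (listenFD != INVALID_SOCKET)
    {
        closesocket(listenFD);
        listenFD = INVALID_SOCKET;
    }
    WSACleanup();
    return result;
}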
[此贴被asm在2007-04-2305:06重新编辑]
附件:FtpUp.rar(391K)下载次数:65(c)Copyleft2003-2007,EvilOctalSecurityTeam.